The Chinese electronics firm that created many of the IoT devices used in last week’s DDoS attack on DNS service provider Dyn is issuing a product recall in the US. Researchers said Hangzhou Xiongmai Technology’s products, such as webcams and digital video recorders, were able to aid the assault because of their basic security errors.
The unprecedented attack, which knocked off several major websites for hours, was caused by the Mirai malware. It seeks out internet of things devices that use factory-default usernames and passwords before exploiting them and forcing the products to join botnets used in DDoS attacks.
Security researchers say Xiongmai’s easy-to-guess default passwords and the inability to set a password on some forms of connection meant their products made up the majority of the devices used in the attack. The company denied this, and stated that users should change the default passwords.
“Security issues are a problem facing all mankind. Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too,” the company said in a statement.
The recall will mainly affect webcams made by Xiongmai. The company is also issuing a patch for products made before April 2015 and improving the password function of its devices.
Chinese firm Dahua Technology said that some of its older products were also vulnerable to these sort of attacks. It is now offering firmware updates and discounts for customers wishing to exchange devices.
As the popularity of IoT devices continues to grow, an increasing number of hackers are exploiting the poor security found in these products. “For something with so much promise, and marketing opportunities, the Internet of Things is a total mess, at least from a security standpoint, ” Lee Munson, Security Researcher for Comparitech.com, told me.
“The fact that Xiongmai is recalling devices in the wake of the Dyn DDoS attack just reeks of another manufacturer rushing to market without sparing a thought for how networked devices could - or should - be protected from attackers who are always looking for new opportunities to compromise their way to their goals."
We still don’t know who was behind Friday's attack, though several different hacking groups have claimed responsibility. While US intelligence agencies say it wasn't state-sponsored, antivirus pioneer John McAfee believes the culprit was North Korea.